CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,380 vulnerabilities with CWE-352
CVE-2018-10312 HIGH
WUZHI CMS 4.1.0 - CSRF
CVSS 8.8
CVE-2018-10233 HIGH
WordPress User Profile & Membership <2.0.7 - CSRF
CVSS 8.8
CVE-2018-10295 HIGH
ChemCMS 1.0.6 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2018-10267 HIGH
WTCMS 1.0 - Cross-Site Request Forgery via Admin User Add Endpoint
CVSS 8.8
CVE-2018-10266 HIGH
BEESCMS 4.0 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2018-10265 HIGH
HongCMS v3.0.0 - Cross-Site Request Forgery via Admin User Save
CVSS 8.8
CVE-2018-10249 HIGH
baijiacms V3 - Cross-Site Request Forgery via Administrator Account Addition
CVSS 8.8
CVE-2018-10248 MEDIUM
WUZHI CMS 4.1.0 - CSRF
CVSS 6.5
CVE-2018-0259 HIGH
Cisco MATE Collector - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-0255 HIGH
Cisco Industrial Ethernet Switches - Cross-Site Request Forgery in Device Manager Web Interface
CVSS 8.8
CVE-2018-10188 HIGH
phpMyAdmin 4.8.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-10224 MEDIUM
YzmCMS 3.8 - Cross-Site Request Forgery
CVSS 6.8
CVE-2018-10223 MEDIUM
YzmCMS 3.8 - Cross-Site Request Forgery via Admin Account Addition
CVSS 6.8
CVE-2018-10222 HIGH
idreamsoft iCMS V7.0 - Cross-Site Request Forgery via Column Addition
CVSS 8.8
CVE-2018-10185 HIGH
TuziCMS 2.0.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-10137 HIGH
iScripts UberforX 2.2 - Cross-Site Request Forgery in Admin Panel Manage Settings
CVSS 8.8
CVE-2018-10132 HIGH
PbootCMS v0.9.8 - Cross-Site Request Forgery via Message Modification Endpoint
CVSS 8.8
CVE-2018-10127 HIGH
XYHCMS 3.5 - Cross-Site Request Forgery via User Addition Request
CVSS 8.8
CVE-2018-10117 HIGH
idreamsoft iCMS V7.0.7 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2018-6934 HIGH
PHP Scripts Mall Online Tutoring Script 2.0.3 - Cross-Site Request Forgery in Student Personal Info
CVSS 8.8
CVE-2018-10048 HIGH
iScripts eSwap v2.4 - Cross-Site Request Forgery via Admin Panel Registration Settings
CVSS 8.8
CVE-2018-10031 HIGH
CMS Made Simple < 2.2.7 - Cross-Site Request Forgery in admin/moduleinterface.php
CVSS 8.8
CVE-2018-10030 HIGH
CMS Made Simple < 2.2.7 - Cross-Site Request Forgery in admin/siteprefs.php
CVSS 8.8
CVE-2018-9927 HIGH
Wuzhicms - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-9926 HIGH
Wuzhicms - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities 9,380
Exploit Likelihood Medium